lsign produces exportable signatures when used for self-sigs

Peter Lebbing peter at
Fri Sep 13 15:49:28 CEST 2013

On 2013-09-13 14:24, Nicholas Cole wrote:
> The correct way would be to have keyservers
> honour the no-modify flag, or perhaps have some notation on the ID
> that prevents uploading to a public keyserver.  I myself would favour 
> the latter approach.

The latter has the same problem as the no-modify flag: it can be 
subverted by someone as long as the keyservers do not do crypto.



PS: I accidentally replied to Nicholas only. Using a different client 
than usually.

I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

More information about the Gnupg-users mailing list